Labels

.NET Job Questions About Java Absract class Abstract class Abstract Class and Interface Aggregation ajax aop apache ofbiz Apache ofbiz tutrial Association authentication autocad basics batch Binary Tree bootstrap loader in java build Builder design pattern C++ Job Questions caching CallableStatement in java certifications Chain of responsibility Design pattern charts check parentheses in a string Classes classloader in java classloading concept code quality collage level java program Composition concurrency Concurrency Tutorial Converting InputStream to String Core Java core java concept core java interview questions Core Java Interview Questions Core Java Questions core java tutorial CyclicBarrier in Java data structures database Database Job Questions datetime in c# DB Db2 SQL Replication deserialization in java Design Patterns designpatterns Downloads dtd Eclipse ejb example/sample code exception handling in core java file handling injava File I/O vs Memory-Mapped Filter first program in spring flex Garbage Collection Generics concept in java grails groovy and grails Guice Heap hibernate Hibernate Interview Questions how-to IBM DB2 IBM DB2 Tutorial ide immutable Interceptor Interface interview Interview Questions for Advanced JAVA investment bank j2ee java JAVA Code Examples Java 7 java changes java class loading JAVA Classes and Objects Java Classloader concept Java classloading concept java cloning concept java collection Java collection interview questions Java Collections java concurrency Java CountDownLatch java definiton Java design pattern Java EE 5 Java EE 6 Java Exceptions Java file Java Garbage Collection Java generics Java Glossary java hot concept java immutable concept Java Interface Java interview Question java interview question 2012 java interview question answer Java Interview Questions Java Interview Questions and Answers java interview topic java investment bank Java Job Questions java multithreading java multithreading concept java new features Java Packages java proxy object java questions Java Serialization Java serialization concept java serialization interview question java session concept java string Java Swings Questions java synchronization java threading Java Threads Questions java tutorial java util; java collections; java questions java volatile java volatile interview question Java Wrapper Classes java.java1.5 java.lang.ClassCastException JavaNotes javascript JAX-WS jdbc JDBC JDBC Database connection jdk 1.5 features JDK 1.5 new features Concurrent HashMap JMS interview question JMS tutorial job JSESSIONID concept JSESSIONID interview Question JSF jsp JSP Interview Question JSP taglib JSTL with JSP Junit Junit Concept Junit interview question.Best Practices to write JUnit test cases in Java JVM Linux - Unix tutorial Marker Interfaces MD5 encryption and decryption messaging MNC software java interview question musix NCR java interview question Networking Job Questions news Object Serialization Objects ojdbc14.jar OOP Oracle Oracle SQL Query for two timestamp difference orm own JavaScript function call in Apache ofbiz Packages Palm Apps patterns pdf persistence Portal Portlet Spring Integration Prime number test in java programs Rails Reboot remote computers REST Ruby Sample application schema SCJP security Senior java developer interviews servlet3 servlets session tracking singleton design pattern Spring Spring 2.5 Framework spring ebook Spring framework concept spring MVC spring pdf Spring Security Spring Security interview questions SQL SQL performance SQL Query to create xml file Sql Query tuning ssis and ssrs StAX and XML string concept string immutable string in java strings struts Struts2 Struts2 integration synchronization works in java Technical Interview testing tips Tomcat top Tutorial Volatile in deep Volatile working concept web Web Developer Job Questions web services weblogic Weblogic Application Server websphere what is JSESSIONID xml XML parsing in java XML with Java xslt


Tuesday, 16 July 2013

SCWCD Questions 231- 240


QUESTION NO: 231


Which two statements are true about the security-related tags in a valid Java EE deployment
descriptor? (Choose two.)
A. Every <security-constraint> tag must have at least one <http-method> tag.
B. A <security-constraint> tag can have many <web-resource-collection> tags.
C. A given <auth-constraint> tag can apply to only one <web-resource-collection> tag.
D. A given <web-resource-collection> tag can contain from zero to many <url-pattern> tags.
E. It is possible to construct a valid <security-constraint> tag such that, for a given resource, no
user roles can access that resource.

Answer: B,E


QUESTION NO: 232


Which element of a web application deployment descriptor <security-constraint> element is
required?
A. <realm-name>
B. <auth-method>
C. <security-role>
D. <transport-guarantee>
E. <web-resource-collection>

Answer: E


QUESTION NO: 233


Which two are required elements for the <web-resource-collection> element of a web application
deployment descriptor? (Choose two.)
A. <realm-name>
B. <url-pattern>
C. <description>
D. <web-resource-name>
E. <transport-guarantee>

Answer: B,D


QUESTION NO: 234


Given:
3. class MyServlet extends HttpServlet {
4. public void doPut(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException {
5. // servlet code here
...
26. }
27. }
If the DD contains a single security constraint associated with MyServlet and its only <httpmethod>
tags and <auth-constraint> tags are:
<http-method>GET</http-method>
<http-method>PUT</http-method>
<auth-constraint>Admin</auth-constraint>
Which four requests would be allowed by the container? (Choose four.)
A. A user whose role is Admin can perform a PUT.
B. A user whose role is Admin can perform a GET.
C. A user whose role is Admin can perform a POST.
D. A user whose role is Member can perform a PUT.
E. A user whose role is Member can perform a POST.
F. A user whose role is Member can perform a GET.

Answer: A,B,C,E


QUESTION NO: 235


What is true about Java EE authentication mechanisms?
A. If your deployment descriptor correctly declares an authentication type of CLIENT_CERT, your
users must have a certificate from an official source before they can use your application.
B. If your deployment descriptor correctly declares an authentication type of BASIC, the container
automatically requests a user name and password whenever a user starts a new session.
C. If you want your web application to support the widest possible array of browsers, and you want
to perform authentication, the best choice of Java EE authentication mechanisms is DIGEST.
D. To use Java EE FORM authentication, you must declare two HTML files in your deployment
descriptor, and you must use a predefined action in the HTML file that handles your user's login.

Answer: D


QUESTION NO: 236


Which two statements are true about using the isUserInRole method to implement security in a
Java EE application? (Choose two.)
A. It can be invoked only from the doGet or doPost methods.
B. It can be used independently of the getRemoteUser method.
C. Can return "true" even when its argument is NOT defined as a valid role name in the
deployment descriptor.
D. Using the isUserInRole method overrides any declarative authentication related to the method
in which it is invoked.
E. Using the isUserInRole method overrides any declarative authorization related to the method in
which it is invoked.

Answer: B,C


QUESTION NO: 237


Given an HttpServletRequest request and an HttpServletResponse response:
41. HttpSession session = null;
42. // insert code here
43. if(session == null) {
44. // do something if session does not exist
45. } else {
46. // do something if session exists
47. }
To implement the design intent, which statement must be inserted at line 42?
A. session = response.getSession();
B. session = request.getSession();
C. session = request.getSession(true);
D. session = request.getSession(false);
E. session = request.getSession("jsessionid");

Answer: D


QUESTION NO: 238


You need to store a floating point number, called Tsquare, in the session scope. Which two code
snippets allow you to retrieve this value? (Choose two.)
A. float Tsquare = session.getFloatAttribute("Tsquare");
B. float Tsquare = (Float) session.getAttribute("Tsquare");
C. float Tsquare = (float) session.getNumericAttribute("Tsquare");
D. float Tsquare = ((Float) session.getAttribute.("Tsquare")).floatValue();
E. float Tsquare = ((Float) session.getFloatAttribute.("Tsquare")).floatValue;
F. float Tsquare = ((Float) session.getNumericAttribute.("Tsquare")).floatValue;

Answer: B,D


QUESTION NO: 239


A web application uses the HttpSession mechanism to determine if a user is "logged in." When a
user supplies a valid user name and password, an HttpSession is created for that user.
The user has access to the application for only 15 minutes after logging in. The code must
determine how long the user has been logged in, and if this time is greater than 15 minutes, must
destroy the HttpSession.
Which method in HttpSession is used to accomplish this?
A. getCreationTime
B. invalidateAfter
C. getLastAccessedTime
D. getMaxInactiveInterval

Answer: A


QUESTION NO: 240


Which method must be used to encode a URL passed as an argument to
HttpServletResponse.sendRedirect when using URL rewriting for session tracking?
A. ServletResponse.encodeURL
B. HttpServletResponse.encodeURL
C. ServletResponse.encodeRedirectURL
D. HttpServletResponse.encodeRedirectURL

Answer: D

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

LinkWithin

Related Posts Plugin for WordPress, Blogger...